Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/nND3u1FCZ73dZAYAjnDTdahiceo.roa
File: nND3u1FCZ73dZAYAjnDTdahiceo.roa (raw, json)
Hash identifier: IKYaDuD09keROgR1kaE2pGIATWjtdawmFAqhPZR1Dk0=
Subject key identifier: 9C:D0:F7:BB:51:42:67:BD:DD:64:06:00:8E:70:D3:75:A8:62:71:EA
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC424592ED8F9B69153B16221F125CD00
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/nND3u1FCZ73dZAYAjnDTdahiceo.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201327
IP address blocks: 95.140.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 06:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:59:2e:d8:f9:b6:91:53:b1:62:21:f1:25:cd:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cd0f7bb514267bddd6406008e70d375a86271ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:37:5a:39:4a:5a:2c:0e:bb:e1:40:66:36:95:
da:f2:02:ac:91:01:4b:a8:f2:7f:fa:dd:04:c1:3a:
91:87:43:70:66:1e:fc:42:51:dc:5a:d4:11:fe:2d:
9d:71:94:6d:8e:5b:98:68:b6:99:22:ce:6a:9a:cd:
06:2d:38:5d:80:56:d3:30:ef:de:78:75:e8:a1:67:
ed:19:0e:03:ce:6b:da:f6:b9:5b:b0:ff:82:d5:5a:
95:f5:93:af:37:64:bb:7f:7f:a5:0a:a9:ca:8b:05:
fe:73:ca:9a:27:3d:48:d2:be:e7:0b:b1:40:81:68:
de:f9:91:9a:b5:74:d1:c3:d0:94:94:2d:58:81:12:
c6:77:41:b6:e6:f2:a6:b1:46:74:b5:98:01:b7:e5:
65:cf:7b:4d:4b:3f:a0:52:6f:bb:d9:a1:35:3f:ee:
e3:7b:2c:5d:1e:27:55:41:22:50:ab:8e:80:c4:3b:
9a:76:d7:27:05:35:36:5d:8b:24:05:a7:d3:4a:2a:
aa:f2:5e:78:e8:46:22:b1:e3:cc:d0:7e:02:25:1c:
7e:82:d2:6c:e7:07:51:4c:8c:aa:d1:34:1e:f0:5e:
1f:d0:2c:c7:28:13:63:8a:2e:de:6a:77:70:ea:e2:
87:61:36:6d:b3:80:ee:6e:57:72:e6:d6:52:af:d2:
6f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D0:F7:BB:51:42:67:BD:DD:64:06:00:8E:70:D3:75:A8:62:71:EA
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/nND3u1FCZ73dZAYAjnDTdahiceo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.82.0/24
Signature Algorithm: sha256WithRSAEncryption
81:99:b3:af:35:cb:d3:e9:cb:8e:ab:c3:3c:e3:a0:b7:ab:02:
fd:41:7b:e7:da:64:26:5e:94:cf:b4:71:7a:5e:43:e9:d3:d6:
1e:bc:5d:94:97:50:1d:e5:dd:2d:3c:1b:9a:fb:51:ad:00:67:
dc:98:78:d7:4f:e1:f1:b7:7c:a9:0f:75:d6:eb:20:5f:59:cb:
92:38:5c:48:98:f1:05:99:9e:bc:77:e0:d4:53:85:04:d7:d3:
96:9c:2e:02:a6:7c:fa:5a:6d:7f:ce:06:0c:be:36:e9:27:f6:
3e:e3:5c:dd:ba:50:70:64:0a:dd:f6:aa:89:4b:e9:2b:7e:b6:
d0:49:d3:ab:a7:02:4c:34:40:ea:42:75:16:a5:70:cf:84:11:
a0:26:eb:10:8f:20:98:ab:e1:7f:4a:f5:f4:34:f3:45:ca:f9:
82:6b:41:7e:2f:43:19:74:b5:1e:ba:dc:bc:80:3f:38:10:bd:
81:d6:77:ab:52:d2:96:c4:74:ce:cc:63:8a:a5:61:73:73:89:
7b:11:77:22:cb:33:f2:84:58:c6:70:5e:3b:38:72:d1:83:3e:
0d:7d:72:6d:69:6d:1e:38:50:22:06:e8:84:b0:62:9a:88:19:
94:66:62:0b:a9:6d:7e:2b:36:3b:19:5a:20:52:f5:3d:e1:18:
f8:28:af:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFku2Pm2kVOxYiHxJc0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2QwZjdiYjUxNDI2N2JkZGQ2NDA2MDA4ZTcwZDM3NWE4NjI3MWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDdaOUpaLA674UBmNpXa8gKskQFL
qPJ/+t0EwTqRh0NwZh78QlHcWtQR/i2dcZRtjluYaLaZIs5qms0GLThdgFbTMO/e
eHXooWftGQ4Dzmva9rlbsP+C1VqV9ZOvN2S7f3+lCqnKiwX+c8qaJz1I0r7nC7FA
gWje+ZGatXTRw9CUlC1YgRLGd0G25vKmsUZ0tZgBt+Vlz3tNSz+gUm+72aE1P+7j
eyxdHidVQSJQq46AxDuadtcnBTU2XYskBafTSiqq8l546EYisePM0H4CJRx+gtJs
5wdRTIyq0TQe8F4f0CzHKBNjii7eandw6uKHYTZts4Dubldy5tZSr9JvgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzQ97tRQme93WQGAI5w03WoYnHqMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvbk5EM3UxRkNaNzNkWkFZQWpuRFRkYWhpY2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4xSMA0G
CSqGSIb3DQEBCwUAA4IBAQCBmbOvNcvT6cuOq8M846C3qwL9QXvn2mQmXpTPtHF6
XkPp09YevF2Ul1Ad5d0tPBua+1GtAGfcmHjXT+Hxt3ypD3XW6yBfWcuSOFxImPEF
mZ68d+DUU4UE19OWnC4Cpnz6Wm1/zgYMvjbpJ/Y+41zdulBwZArd9qqJS+krfrbQ
SdOrpwJMNEDqQnUWpXDPhBGgJusQjyCYq+F/SvX0NPNFyvmCa0F+L0MZdLUeuty8
gD84EL2B1nerUtKWxHTOzGOKpWFzc4l7EXciyzPyhFjGcF47OHLRgz4NfXJtaW0e
OFAiBuiEsGKaiBmUZmILqW1+KzY7GVogUvU94Rj4KK+O
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:04 2025 by rpki-client